99% of Android devices can be completely 'taken over' through a massive vulnerability hole

0.phoneArena
04 Jul 2013, 09:11posted on

Mobile security start-up, Bluebox, has released a statement on their blog that they have discovered a vulnerability in Android's security model, allowing hackers to slip malicious code into Android devices unnoticed by your phone's built-in defensive mechanism...

Come on... this happens only if you install malicious apps downloaded from outside the market, so it will affect only a minority of users which implicitly accept the risk. That's not 99% of Android users.
Anyway I agree that this is a nasty bug.

This MASSIVE vulnerability is just the security companies trying to scare you. It can't be found on the play store only through apps that you download from a third party source. Which google tells you specifically that downloading from third party stores can greatly increase your chance of malware. No News here

Idk why people don't wanna see what's written. Stop thinking this is only for apps downloaded outside of the play store. The article said google has updated their play approval process to block these apps. Which means the problem IS with apps in the play store. The big problem is what about the apps already in the play store that don't have to go through googles new approval process. So regardless of where a user gets their app from or how they use the phone they are vulnerable.

just the risk of an open os. Its up to the user to decode if its worth it.

No, Google play services removed blocked the exploits and heres my favorite part the exploit was found by a SECURITY SERVICE it is not being used by any hackers, there is no app that you can download on the google play store that has this defect (Theres malware on the play store just not this one). Unknown till now, as far as were concerned ZERO DEVICES are being harmed from this.
If anything you should be glad this was found by a security company rather than a group of hackers.

As for downloading apps from a third party source you have been warned by google to be careful when downloading apps.

That's not, strictly speaking, the way of it. Sure, Google has taken steps to remedy the situation, and sure - third-party app stores are the OS version of the Wild West :)

This is still at the very least news worthy, because the range of flawed devices is just enormous, no - almost all-inclusive. Moreover, even though there is no way to know for sure how many devices (if any at all) have been compromised, this exploit has, apparently, been out in the wild for _4_ years, 98% from the length of which Google had no clue whatsoever.

Could the company be overplaying it? Usually - yes. But in this case you have a documented case, to be discussed during the Black Hat conference and Google has taken steps to fix it. In other words, the threat is/was there :).

As I don't see an "update" notation, I will have to assume this part here: "How serious can this get? We don't know, but it's comforting to know that Google is aware of the issue and has already updated their Google Play approval process, blocking out apps with this problem." had already taken place by the time of your writing of the article.

Which means your sensationalizing the story and fear mongering. Especially taking the title into consideration.

As a private security consultant, how about I clue you in on something else. 100% of people who live in a home are vulnerable to burglary.
That's basically all your article is.

Don't you have to install from outside the Play Store for this to happen, though? You can't just arbitratily modify code on someone's device, you have to change the files somehow before you can get in.

It's a hole, but most people won't be affected. And it probably could be easily fixed with an MD5 check or something along those lines. Google Play Services might even be able to roll out such a security patch.

Bought Norton Security. Using my Xperia Z without concern. Deeper research into the software of different android manufacturers show that Samsung's pre-set android system to be the most vulnerable to hacks and similar attacks.

Best new Android, iPhone and Windows Phone apps

All content (phone reviews, news, specs, info), design and layouts are Copyright 2001-2015 phoneArena.com. All rights reserved. Reproduction in whole or in part or in any form or medium without written permission is prohibited! Privacy . Terms of use . Cookies . Team